Home Technology Yes, 123456 is still the world’s most popular password

Yes, 123456 is still the world’s most popular password

By Geoffrey Tim
Posted on January 17, 2017
1 min read
13

passwords

Will people never learn? In this inter-connected, cloud-based digital world, we need passwords for just about everything. And because those passwords – and the identity theft that’s possible with them – can be lucrative, hackers are constantly trying to get hold of them.

Still, people are using the simplest, frankly dumbest passwords imaginable. Keeper, a password management company has released its list of the 25 most popular passwords. It’s information they’ve gleamed from analysing over 10 million passwords that were made public through large-scale data breaches in 2016.

The list includes far too many obvious sequential passwords – with 123456, 1234567, 12345678, 123456789 and 1234567890 all featuring within the top ten. According to Keeper, these insecure passwords account for 50% of the passwords leaked.

Here’s the list:

  1. 123456
  2. 123456789
  3. qwerty
  4. 12345678
  5. 111111
  6. 1234567890
  7. 1234567
  8. password
  9. 123123
  10. 987654321
  11. qwertyuiop
  12. mynoob
  13. 123321
  14. 666666
  15. 18atcskd2w
  16. 7777777
  17. 1q2w3e4r
  18. 654321
  19. 555555
  20. 3rjs1la7qe
  21. google
  22. 1q2w3e4r5t
  23. 123qwe
  24. zxcvbnm
  25. 1q2w3e

Firstly, if you happen to use any of those passwords for anything, it’s probably best that you change your passwords immediately, preferably to something significantly more secure. You’ll probably also want to enable two-factor authentication on whichever services you use allow for it – that means a digital attacker would need your passwords and physical access to your phone.

Says Keeper:

Use a variety of characters: Use a variety of numerical, uppercase, lowercase and special characters to have greater protection against a brute force attack.

Avoid dictionary terms: Dictionary cracks guess passwords using lists of common passwords (see left) and then move to the whole dictionary. This is typically much faster than a brute force attack because there are far fewer options.

Lastly, make use of a strong password generator and storer – something much like the very company behind this information, Keeper. There are other services, like KeePass, LastPass and more that’ll do the remembering for you.

Last Updated: January 17, 2017

13 Comments

  1. miaau

    January 17, 2017 at 11:47

    I will not allow a company like Keeper or any other to remember my passwords, thanks.

    I have two categories of passwords, depending on usage:

    1. Weak, easy to type and remember (not sequential, thanks) – for sites or simple logins to test things or whatever
    2. Bank and work. Strong, change regularly.

    Simple, really. Hope it is safe enough.

    AND, everybody please listen NOW, put screensaver password on your work computer. Really. You need it. for example, did you really not send the e-mail to CEO telling him how much you hated his work ethic? You sure? Came from your computer AND your mail account, plugged into your office. Sure you did not send it?

    Reply

    • RinceThis

      January 17, 2017 at 11:52

      0_O

      Reply

    • Geoffrey Tim

      January 17, 2017 at 11:53

      This is how I work, myself – I have a sytem that lets me generate strong secure and unique passwords and lets me remember them.

      Reply

      • miaau

        January 17, 2017 at 11:56

        But, and this the key, the system is in your head.

        My gran, as she got older, wrote her pin numbers down in her wallet. As part of a complex maths addition / long division series of sums. All she to do was remember the pattern of where the numbers where for the 5 digit pin, rather than the numbers. Worked well for her and the piece of paper just had the maths, no markings or anything else.

        Reply

  2. Generic ZA

    January 17, 2017 at 11:49

    Are users still that clueless?

    Reply

    • miaau

      January 17, 2017 at 11:57

      yes, unfortunately so.

      Reply

  3. RinceThis

    January 17, 2017 at 11:53

    I wonder if these passwords are for company accounts where no one cares? Either way, rather stupid.

    Reply

  4. Admiral Chief

    January 17, 2017 at 12:06

    mynoob…..just wut?

    Reply

  5. Ottokie

    January 17, 2017 at 12:06

    # 12 is the bestest xD

    Reply

  6. Admiral Chief

    January 17, 2017 at 12:07

    I personally use ********** for my Warframe account password

    Reply

  7. Milesh Bhana

    January 17, 2017 at 13:20

    how did 15 and 20 crack the top list? I don’t see the laziness in those. I’m guessing it’s a common combo, but can’t see why.

    Reply

    • Geoffrey Tim

      January 17, 2017 at 13:21

      They explain it:

      Why Is 18atcskd2w such a popular password? According to Security Researcher, Graham Cluley, these accounts were created by bots, perhaps with the intention of posting spam
      onto the forums.

      Reply

  8. 40 Insane Frogs

    January 17, 2017 at 16:27

    And then you make a long complicated cryptographic work of art, and then Yahoo and Linkedin just hand it to hackers….

    Sigh!

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Check Also

Google to let you use certain services without a password on your Android phone

Passwords are one of those annoying inconveniences of our current tech-driven world. While…